R13: 0000000000000000 R14: 00007fa8d7375fa0 R15: 00007ffd40a8dd18

============================================
WARNING: possible recursive locking detected
6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 Not tainted
--------------------------------------------
syz.3.210/6527 is trying to acquire lock:
ffff888033e1d9a0 (&mm->mmap_lock){++++}-{4:4}, at: gup_fast_fallback+0x11bf/0x2690 mm/gup.c:3416

but task is already holding lock:
ffff888033e1d9a0 (&mm->mmap_lock){++++}-{4:4}, at: mmap_write_lock_killable include/linux/mmap_lock.h:122 [inline]
ffff888033e1d9a0 (&mm->mmap_lock){++++}-{4:4}, at: vm_mmap_pgoff+0x160/0x360 mm/util.c:573

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&mm->mmap_lock);
  lock(&mm->mmap_lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

2 locks held by syz.3.210/6527:
 #0: ffff888033e1d9a0 (&mm->mmap_lock){++++}-{4:4}, at: mmap_write_lock_killable include/linux/mmap_lock.h:122 [inline]
 #0: ffff888033e1d9a0 (&mm->mmap_lock){++++}-{4:4}, at: vm_mmap_pgoff+0x160/0x360 mm/util.c:573
 #1: ffff8880359c11e0 (&ctx->wb_lock){+.+.}-{4:4}, at: netfs_writepages+0xb9/0x8f0 fs/netfs/write_issue.c:548

stack backtrace:
CPU: 0 UID: 0 PID: 6527 Comm: syz.3.210 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_deadlock_bug+0x2e3/0x410 kernel/locking/lockdep.c:3037
 check_deadlock kernel/locking/lockdep.c:3089 [inline]
 validate_chain kernel/locking/lockdep.c:3891 [inline]
 __lock_acquire+0x2117/0x3c40 kernel/locking/lockdep.c:5226
 lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5849
 gup_fast_fallback+0x11f8/0x2690 mm/gup.c:3416
 get_user_pages_fast+0xa8/0x100 mm/gup.c:3512
 __iov_iter_get_pages_alloc+0x8ed/0x2280 lib/iov_iter.c:1177
 iov_iter_get_pages_alloc2+0x53/0xf0 lib/iov_iter.c:1230
 p9_get_mapped_pages.part.0.constprop.0+0x4ca/0x7d0 net/9p/trans_virtio.c:333
 p9_get_mapped_pages net/9p/trans_virtio.c:318 [inline]
 p9_virtio_zc_request+0x1be/0x1390 net/9p/trans_virtio.c:439
 p9_client_zc_rpc.constprop.0+0x29a/0x880 net/9p/client.c:808
 p9_client_write+0x447/0x680 net/9p/client.c:1641
 v9fs_issue_write+0xe4/0x1b0 fs/9p/vfs_addr.c:59
 netfs_do_issue_write+0x92/0x110 fs/netfs/write_issue.c:233
 netfs_issue_write fs/netfs/write_issue.c:262 [inline]
 netfs_advance_write+0x164/0xc80 fs/netfs/write_issue.c:286
 netfs_write_folio+0xc19/0x1930 fs/netfs/write_issue.c:487
 netfs_writepages+0x29a/0x8f0 fs/netfs/write_issue.c:583
 do_writepages+0x1b3/0x820 mm/page-writeback.c:2708
 filemap_fdatawrite_wbc mm/filemap.c:388 [inline]
 filemap_fdatawrite_wbc+0x104/0x160 mm/filemap.c:378
 v9fs_mmap_vm_close+0x1ff/0x250 fs/9p/vfs_file.c:502
 vma_close mm/internal.h:147 [inline]
 vms_clean_up_area mm/vma.c:1158 [inline]
 __mmap_prepare mm/vma.c:2278 [inline]
 __mmap_region+0x5bf/0x2760 mm/vma.c:2443
 mmap_region+0x127/0x320 mm/mmap.c:1352
 do_mmap+0xa09/0x1050 mm/mmap.c:500
 vm_mmap_pgoff+0x1ba/0x360 mm/util.c:575
 ksys_mmap_pgoff+0x7d/0x5c0 mm/mmap.c:546
 __do_sys_mmap arch/x86/kernel/sys_x86_64.c:89 [inline]
 __se_sys_mmap arch/x86/kernel/sys_x86_64.c:82 [inline]
 __x64_sys_mmap+0x125/0x190 arch/x86/kernel/sys_x86_64.c:82
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa8d7185d29
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa8d7f96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007fa8d7375fa0 RCX: 00007fa8d7185d29
RDX: b635773f06ebbeef RSI: 0000000000b36000 RDI: 0000000020000000
RBP: 00007fa8d7f96090 R08: ffffffffffffffff R09: 0000000000000000
R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000001
R13: 0000000000000000 R14: 00007fa8d7375fa0 R15: 00007ffd40a8dd18